1 #ifndef HEADER_CURL_NTLM_MSGS_H
2 #define HEADER_CURL_NTLM_MSGS_H
3 /***************************************************************************
5 * Project ___| | | | _ \| |
7 * | (__| |_| | _ <| |___
8 * \___|\___/|_| \_\_____|
10 * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
12 * This software is licensed as described in the file COPYING, which
13 * you should have received as part of this distribution. The terms
14 * are also available at http://curl.haxx.se/docs/copyright.html.
16 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
17 * copies of the Software, and permit persons to whom the Software is
18 * furnished to do so, under the terms of the COPYING file.
20 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
21 * KIND, either express or implied.
23 ***************************************************************************/
25 #include "curl_setup.h"
29 /* This is to generate a base64 encoded NTLM type-1 message */
30 CURLcode Curl_ntlm_create_type1_message(const char *userp,
32 struct ntlmdata *ntlm,
36 /* This is to generate a base64 encoded NTLM type-3 message */
37 CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
40 struct ntlmdata *ntlm,
44 /* This is to decode a NTLM type-2 message */
45 CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
47 struct ntlmdata* ntlm);
49 /* This is to decode target info received in NTLM type-2 message */
50 CURLcode Curl_ntlm_decode_type2_target(struct SessionHandle *data,
51 unsigned char* buffer,
53 struct ntlmdata* ntlm);
56 /* This is to clean up the ntlm data structure */
57 #ifdef USE_WINDOWS_SSPI
58 void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm);
60 #define Curl_ntlm_sspi_cleanup(x)
63 /* NTLM buffer fixed size, large enough for long user + host + domain */
64 #define NTLM_BUFSIZE 1024
66 /* Stuff only required for curl_ntlm_msgs.c */
67 #ifdef BUILDING_CURL_NTLM_MSGS_C
69 /* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */
71 #define NTLMFLAG_NEGOTIATE_UNICODE (1<<0)
72 /* Indicates that Unicode strings are supported for use in security buffer
75 #define NTLMFLAG_NEGOTIATE_OEM (1<<1)
76 /* Indicates that OEM strings are supported for use in security buffer data. */
78 #define NTLMFLAG_REQUEST_TARGET (1<<2)
79 /* Requests that the server's authentication realm be included in the Type 2
83 #define NTLMFLAG_NEGOTIATE_SIGN (1<<4)
84 /* Specifies that authenticated communication between the client and server
85 should carry a digital signature (message integrity). */
87 #define NTLMFLAG_NEGOTIATE_SEAL (1<<5)
88 /* Specifies that authenticated communication between the client and server
89 should be encrypted (message confidentiality). */
91 #define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6)
92 /* Indicates that datagram authentication is being used. */
94 #define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7)
95 /* Indicates that the LAN Manager session key should be used for signing and
96 sealing authenticated communications. */
98 #define NTLMFLAG_NEGOTIATE_NETWARE (1<<8)
101 #define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9)
102 /* Indicates that NTLM authentication is being used. */
104 /* unknown (1<<10) */
106 #define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11)
107 /* Sent by the client in the Type 3 message to indicate that an anonymous
108 context has been established. This also affects the response fields. */
110 #define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12)
111 /* Sent by the client in the Type 1 message to indicate that a desired
112 authentication realm is included in the message. */
114 #define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13)
115 /* Sent by the client in the Type 1 message to indicate that the client
116 workstation's name is included in the message. */
118 #define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14)
119 /* Sent by the server to indicate that the server and client are on the same
120 machine. Implies that the client may use a pre-established local security
121 context rather than responding to the challenge. */
123 #define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15)
124 /* Indicates that authenticated communication between the client and server
125 should be signed with a "dummy" signature. */
127 #define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16)
128 /* Sent by the server in the Type 2 message to indicate that the target
129 authentication realm is a domain. */
131 #define NTLMFLAG_TARGET_TYPE_SERVER (1<<17)
132 /* Sent by the server in the Type 2 message to indicate that the target
133 authentication realm is a server. */
135 #define NTLMFLAG_TARGET_TYPE_SHARE (1<<18)
136 /* Sent by the server in the Type 2 message to indicate that the target
137 authentication realm is a share. Presumably, this is for share-level
138 authentication. Usage is unclear. */
140 #define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19)
141 /* Indicates that the NTLM2 signing and sealing scheme should be used for
142 protecting authenticated communications. */
144 #define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20)
145 /* unknown purpose */
147 #define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21)
148 /* unknown purpose */
150 #define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22)
151 /* unknown purpose */
153 #define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23)
154 /* Sent by the server in the Type 2 message to indicate that it is including a
155 Target Information block in the message. */
163 #define NTLMFLAG_NEGOTIATE_128 (1<<29)
164 /* Indicates that 128-bit encryption is supported. */
166 #define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30)
167 /* Indicates that the client will provide an encrypted master key in
168 the "Session Key" field of the Type 3 message. */
170 #define NTLMFLAG_NEGOTIATE_56 (1<<31)
171 /* Indicates that 56-bit encryption is supported. */
173 #endif /* BUILDING_CURL_NTLM_MSGS_C */
175 #endif /* USE_NTLM */
177 #endif /* HEADER_CURL_NTLM_MSGS_H */